Black Duck's Free Tool Digs Out Open Source Bugs
Black Duck Software this week released Security Checker, a free tool based on the company's Hub open source security solution.Security Checker is a drag-and-drop, Web-based tool that allows users to determine if known open source vulnerabilities exist in the components used to build applications. It scans the code in an uploaded archive file or Docker image and provides a report showing the identified open source code and known bugs... Read more at Black Duck
Debunking seven fundamental cyber-security myths
If we look at the world of cyber security through the eyes of the media, it's a pretty frightening view. We hear story after story of security breaches hitting major companies and the next data leaks that follows affecting thousands of people. It's enough to fill any business with trepidation. With cyber security such a big talking point, we tend to see a lot of information floating around -- some of which is not in the least bit true. If a company wants to enhance its IT security it is imperative to be able to separate facts from fiction... Read more at Myths
VirusTotal Policy Change Rocks Anti-Malware Industry
On May 4, VirusTotal (VT) dropped a bombshell that has reverberated throughout the anti-malware industry. That bombshell was a two-sentence change to VT's policies: "all scanning companies will now be required to integrate their detection scanner in the public VT interface, in order to be eligible to receive antivirus results as part of their VirusTotal API services." A second amendment requires new applicants to effectively be certified by the Anti-Malware Testing Standards Organization (AMTSO)... Read more at VirusTotal
Push for Encryption is Losing Steam in Congress, Despite Apple Showdown
After a rampage that left 14 people dead in San Bernardino, key U.S. lawmakers pledged to seek a law requiring technology companies to give law enforcement agencies a "back door" to encrypted communications and electronic devices, such as the iPhone used by one of the shooters. Now, only months later, much of the support is gone, and the push for legislation dead, according to sources in congressional offices, the administration and the tech sector... Read more at Encryption